can't change or remove netflow setting from an ASA 5520

Unanswered Question
Apr 7th, 2010

I've tried in the ADSM and I've tried the CLI and I can't remove or change these entries.

Any know what I'm doing wrong here?

fw-x-5520-1(config)# flow-export destination iSP2/Swift 10.xx.x.xx 2055
ERROR: flow-export: destination already exists
fw-x5520-1(config)# no flow
fw-x5520-1(config)# no flow-export en
fw-x-5520-1(config)# no flow-export enable
ERROR: This command is no longer supported. Flow-export actions under MPF need to be removed to stop exporting NetFlow events.
fw-x5520-1(config)#

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Tulsi Ram Puttaraju Wed, 04/07/2010 - 13:54

try the no flow-export destination iSP2/Swift 10.xx.x.xx 2055

and then try to remove the no flow-export enable

Tulsi Ram Puttaraju Wed, 04/07/2010 - 14:13

how about this command:

no export destination ip-address port
no ip flow-export destination ip-address udp-port

Brent Rockburn Wed, 04/07/2010 - 14:17

fw-517-5520-1(config)# clear configure flow-export

ERROR: Some destinations may be in use. Remove references before attempting to delete

fw-517--5520-1(config)#

Still no worky!!

Tulsi Ram Puttaraju Wed, 04/07/2010 - 14:25

give the details of sh run | i flow-export

The error is showing destination in use because it value is yet to time out

try again the same command.

Brent Rockburn Wed, 04/07/2010 - 14:22

This appears when I do a sh run but not when I look through the config itself.

fw-517-5520-1# sh run | in flow
flow-export destination ISP2/Swift 10.66.x.x 2055
  flow-export event-type all destination 10.66.x.x
fw-517-5520-1#

douglas.ip Thu, 04/22/2010 - 09:55

Has this issue been resolved.  I'm having the same issue.  Thanks.

Doug

Jennifer Halim Fri, 04/23/2010 - 03:22

Remove the netflow configuration from the policy-map first (or just remove the class that has the netflow association from the policy-map), then you would be able to remove the netflow configuration.

Hope that helps.

douglas.ip Fri, 04/23/2010 - 06:43

Thanks for the reply.  Here is the config for policy-map. I tried to remove the policy map but got the error below.  What is the correct commands to remove flow-export?  Thanks.

policy-map global_policy
class class-default
  flow-export event-type all destination 10.59.1.53

AlzASA(config)# no policy-map global_policy
ERROR: policy-map global_policy is being used and hence cannot be removed.

Jennifer Halim Fri, 04/23/2010 - 06:50

Here is the steps:

no service-policy global_policy global

policy-map global_policy

     no class class-default

service-policy global_policy global

Actions

This Discussion